As computers and the internet progressively become more central to everyday transactions, the importance of security and privacy becomes increasingly vital. A strong and efficient authentication method is an increasingly important feature of any digital system. The use of biometrics—a way of identifying an individual based on physiological and/or behavioral characteristics—in addition to conventional methods of digital security provides an added layer of protection. Embodiments of the present disclosure address disadvantages and issues with previous methods of authenticating transactions in a blockchain ledger with improved system and methods.
An important feature of biometric information protection algorithms and schemes is the ability to encode messages within the encoded data that may be decoded only when a biometric is successfully matched to the biometric used to encode the message.
A blockchain database employs cryptography and other methods to implement and protect a transaction ledger, to which transactions can be added but not edited without detection. A transaction ledger may be public and distributed or private. Blockchain databases are highly resistant to tampering because of their cryptographic tamper detection mechanisms. A transaction ledger utilizing a blockchain database has applications in cryptocurrencies, banking, payments, smart contracts, and other applications.
While a key feature of a blockchain database is the anonymity of the humans contributing transactions, there are applications in which it may be useful to have the ability, with the cooperation of a contributor, to demonstrate the contributor's association with one or more transactions in a transaction ledger. It is also conceivable that a user may seek to repudiate a purported role as a contributor to a transaction.
Bitcoin is a payment system that serves as an example of the creation and use of a blockchain database. U.S. Patent Publication No. 2015/0262171 discusses Bitcoin and blockchain technology in detail and is expressly incorporated herein by reference in its entirety. In order to conduct bitcoin transactions, a cryptographic public/private key pair is generated by a user. The private key is held solely by the contributor (e.g. in a “wallet software”) and used to claim bitcoins. An “address” is a hash of the public key, and is noted in each bitcoin exchange, serving like an account number. A contributor may have different addresses for each transaction to enhance their anonymity in the transaction ledger. Bitcoins are passed from address to address with each transaction. The private key is also used to create a digital signature of the transaction. The public key is included in the transaction. These enable someone to verify that the contributor of the transaction is the holder of the associated private key via cryptographic challenge and response. If the private key is lost or stolen, however, the claim to a transaction may also be lost or stolen.
Transactions in a blockchain ledger are intentionally anonymous, ideally containing no personally identifiable information (hereinafter “PII”). There are cases, however, where it would be useful to be able to verify or disprove a claim of identity of a purported contributor of a blockchain transaction without requiring PII to be stored in the transaction.
Biometrics can be used to unambiguously link a human being to digital information using their unique physical traits in a way that is analogous to a handwritten signature or digital signature. Biometric data protection techniques enable this to be done in a way that anonymizes biometric data, preventing it from being useful for fraud in the event it is compromised. These techniques also enable encoding of messages that can only be decoded when a biometric match is achieved. The use of biometrics in addition to conventional, digital security methods adds an organic level of protection not possible through the use of computer processes alone.
These and other needs are addressed by the various embodiments and configurations discussed herein. One exemplary embodiment is directed generally to a blockchain database and particularly to the use of biometrics to enroll and/or verify a blockchain database transaction contributor.